links

Cloud Native DevOps and Microservices - overview

Cloud native development is primarily motivated by the quest for agility which is defined as innovation delivered with speed and insight. Cloud Native development presents a very different development style than the traditional software development aimed at packaged products. Traditional software development is characterized by very long release cycles (typically 6 months), and having different teams, potentially different organizations, taking responsibility for the development of the software and for its operations. Cloud native development is radically different, starting with the fact that the software is meant to be delivered as a service, noticing secondly that the service, once delivered, has to be continuously running, and last, that if done right, new capabilities can be delivered and made available, through that service extremely frequently (even daily). If a service owner is successful then she will attract competitors. In order to keep her advantage she must instrument her service to gain insight used to plan the next set of capabilities. Insight gained through smart instrumentation, data gathering and analytics, together with speed of delivering new functionality, are absolutely necessary in order to keep her advantage.

This is a new world very different than what we used to know from the traditional 'software development and life-cycle' school of thought It calls for new ways of thinking about software design patterns, testing and automated testing, troubleshooting and problem determination, security and compliance, and ITIL process transformation.

2. The changing life cycle: extremely short software life cycle (days instead of months) and cleaner automated full-software-stack deployment, enable and necessitate taking a new look at every phase of the life cycle.

A. New styles of testing such as resiliency testing, testing in production, and A/B experimentation and testing are enabled but not yet sufficiently explored

B. Traditional ITIL Ops processes such as patch management can and should be totally transform to fit into this new world. We claim that patching in place of a running system will be replaced by detecting and re-mediating vulnerabilities pre-deployment. This is just one example of the type of analytics that should be employed pre-deployment to ensure quality.

C. Testing and Runtime problem determination morph, giving way to log based testing and analysis, and opportunity to correlate runtime incidents with code. With such short life cycles iterations, there is a much greater chance that a problem in production is caused by a new code commit.

3. Data driven analytics across the life cycle: Development in the cloud provides opportunity to collect and analyze data across the life cycle from code commit, to build, and runtime. How to leverage the data for better/faster PD, and for ensuring quality, security and compliance is an open area of research. We currently investigate applying machine learning (cognitive) techniques to analyze the data.

4. New approach to Security and Compliance (DevSecOps). Security and Compliance are conceived as conflicting with agility. We need a new approach integrating analysis and checks into the DevOps pipeline in order to guarantee security and compliance without negatively affecting speed of delivery.

Microservices are a set of principles for cloud native development (including loose coupling and failure resiliency). In 2016, we delivered Amalgam8 which is our own Microservice fabric: Polyglot, with rich control of layer 7 routing rules across Microservices. This fabric provides a set of APIs that can now be leveraged to collect data (such as communication latency, protocols, transactions, etc) and to affect data (by changing the communication patterns between Microservices). Using this powerful control point we are now ready to provide the next level of powerful tools for cloud native development to enable A/B testing and hypothesis driven development, better resiliency and vulnerability testing.